Why we store credit card information

Ben Blodgett, May 21, 2013

Our donors frequently ask us why we store credit card information automatically. I wrote this post to help explain why we feel it is the right way to do things.

We only store credit cards for logged in users

It's a common misconception at nKoso that we automatically store credit card information for every donation. This is not the case. The only way we save your credit card information is if you are registered and logged in to your account. We understand some people prefer to donate anonymously. If you simply do not create an account, your credit card information will exist only for the duration of the transaction.

We believe donating should be easy

At nKoso we believe that donating to a good cause should be seamless. When a donor logs in to their account to make donations, we automatically store their credit card information so it takes less time to donate. This way when a donor wants to contribute to additional students (or additional years for the same student) they simply have to log in and enter the amount they wish to contribute.

Security is extremely important to us

Every time you enter credit card information into a website you risk becoming a victim of fraud. We do lots of things to eliminate attacks on your personal information. First, we force every request through SSL so attackers cannot intercept unencrypted data. When you enter your credit card information we encrypt it using AES-256, and send it securely to another server where it will simply be referenced for all future transactions. Using this approach only gives attackers 1 chance to intercept your information (after that it is never sent again, simply referenced).